SSL Error #38 on Citrix

shard26
shard26 used Ask the Experts™
on
This afternoon everyone started getting this error:

Cannot connect to the Citrix Xenpp Server.
SSL Error 38: the proxy server denied access to  ..... port 1494

Any ideas?

I have rebooted everything Citrix-related.

Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®

Author

Commented:
here is something from the Citrix Access Gateway Admin Portal:

(05/26/11 15:04:22):L20:616:16384:controller:socket::socket.c:379:SESSINFO:0:SSL client session cache initialized:
(05/26/11 15:04:22):L20:616:16384:controller:socket::socket.c:1849:SESSINFO:0:initialized SSL library:
(05/26/11 15:04:22):L20:616:16384:controller:socket::socket.c:1968:SESSINFO:0:initialized SSL methods and contexts:
(05/26/11 15:04:23):L20:616:16384:controller:socket::socket.c:2033:SESSINFO:0:associated server certificate and private key with SSL context:
(05/26/11 15:04:23):L15:616:16384:controller:socket::socket.c:1257:SESSINFO:0:Client PEM file not found for backend SSL connections:
(05/26/11 15:04:23):L15:616:16384:controller:socket::socket.c:2063:SESSINFO:0:failed to configure controller to use client certificates on backend SSL connections:

Author

Commented:
Reboot the NetScaler.

- Or -

Remove and then re-add the SSL VIP.

is what the site says.  Is rebooting the NetScaler the same as rebooting the CAG? If so, I already did that.

Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

are you able to telnet from the CAG to your XenApp Server using Port 1494?
You should see ICAICAICA....

Author

Commented:
do you mean telnet from the Citrix Access Gateway Admin Desktop? I totally don't know how to do that.

no, the telnet session must be initiated from the CAG Linux-Apliance.
The enduser makes a connection to the appliance with port 443 and the appliance makes connections to the xml-service (to recive the informations to display the user-icons) and then a new connection to the ica-Port (1494) if the user click an icon.

Author

Commented:
I accepted because you guys helped me out. I just re-installed the AAC and that solved the error.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial